Show Notes - 2026-04-21
Stories Covered
- April 21, 2026
- Today:
- CISA Adds Eight Exploited Vulnerabilities to KEV Catalog [Critical Alerts]
- Apache ActiveMQ Code Injection (CVE-2026-34197) [Critical Alerts]
- Windows Task Host Privilege Escalation (CVE-2025-60710) [Critical Alerts]
- Microsoft Defender BlueHammer Zero-Day (CVE-2026-33825) [Critical Alerts]
- Axios npm Supply Chain Compromise [Critical Alerts]
- Gentlemen Ransomware Deploys SystemBC Botnet [Ransomware & Extortion]
- Adaptavist Group Breach Spawns Imposter Emails [Ransomware & Extortion]
- Florida Ransomware Negotiator Pleads Guilty [Ransomware & Extortion]
- Minidoka Memorial Hospital Cyberattack [Ransomware & Extortion]
- Microsoft Teams Abused in Helpdesk Impersonation Attacks [Business & Infrastructure Threats]
- Vercel Breach via Context.ai AI Tool Compromise [Business & Infrastructure Threats]
- Splunk Enterprise/Cloud Platform RCE (CVE-2026-20204) [Business & Infrastructure Threats]
- Booking.com Data Breach [Business & Infrastructure Threats]
- McGraw-Hill Data Breach via Salesforce [Business & Infrastructure Threats]
- Basic-Fit Gym Chain Data Breach [Business & Infrastructure Threats]
- Seiko USA Website Defaced [Business & Infrastructure Threats]
- Microsoft Credential Elimination and Managed Identities [Windows / AD Security]
- Windows Server April Update Causes Domain Controller Restart Loop [Windows / AD Security]
- Scattered Spider Leader Pleads Guilty [General Security News]
- AI-Driven Breach of Mexican Government Agencies [General Security News]
- Fake Claude AI Pro Installer Delivers PlugX [General Security News]
- AI Agent Prompt Injection Hijacks GitHub Workflows [General Security News]
- WordPress Supply Chain Compromise [General Security News]
- China's Apple App Store Crypto Wallet Scam [General Security News]
- NGate Android Malware Steals NFC Payment Data [General Security News]
- WAV Files as Malware Delivery Vector [General Security News]
- Anthropic MCP Design Flaw Enables RCE [Vulnerability Disclosures]
- SGLang RCE via Malicious GGUF Model Files (CVE-2026-5760) [Vulnerability Disclosures]
- Google Antigravity AI Agent Sandbox Escape [Vulnerability Disclosures]
- BePrime Cybersecurity Company Breach [Vulnerability Disclosures]
- GreyNoise Traffic Surges Predict Edge Device Vulnerabilities [Vulnerability Disclosures]
CVEs Referenced
CVE-2023-27351, CVE-2024-27198, CVE-2024-27199, CVE-2024-34359, CVE-2025-2749, CVE-2025-32975, CVE-2025-48700, CVE-2025-60710, CVE-2025-61620, CVE-2026-20122, CVE-2026-20128, CVE-2026-20133, CVE-2026-20204, CVE-2026-33825, CVE-2026-34197, CVE-2026-5760
Indicators of Compromise
Domains:
Sfrclak[.]com
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
